348/69 Friday, June 26, 2026
Google has released a security update for Chrome 149 to address a total of 18 vulnerabilities, including 4 Critical and 14 High-severity flaws. This update is separate from the earlier emergency update that fixed the zero-day vulnerability CVE-2026-11645, which had reportedly been exploited in attacks. Google has not stated that any of the vulnerabilities fixed in the latest update have been actively exploited.
Most of the vulnerabilities addressed in this update are Use-after-free flaws, which are memory-related issues that could lead to remote code execution under certain conditions. These flaws were found in several components, including WebGL, Autofill, Digital Credentials, FileSystem, Web Authentication, Blink, Bluetooth, and WebView. Other vulnerabilities include Out-of-bounds read, Inappropriate implementation, Uninitialized use, and Insufficient validation of untrusted input in other browser components.
The latest update is being rolled out as Chrome version 149.0.7827.196/197 for Windows and macOS, and version 149.0.7827.196 for Linux. Users and system administrators should check and update Chrome to the latest version as soon as possible. This can be done through Help > About Google Chrome, followed by restarting the browser after the update is installed to ensure that the security patches are fully applied.
Source: https://www.securityweek.com/chrome-149-update-resolves-18-severe-vulnerabilities/